1 /* $NetBSD: in6.c,v 1.208 2016/07/08 06:18:29 ozaki-r Exp $ */ 2 /* $KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $ */ 3 4 /* 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the project nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 60 * 61 * @(#)in.c 8.2 (Berkeley) 11/15/93 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.208 2016/07/08 06:18:29 ozaki-r Exp $"); 66 67 #ifdef _KERNEL_OPT 68 #include "opt_inet.h" 69 #include "opt_compat_netbsd.h" 70 #endif 71 72 #include <sys/param.h> 73 #include <sys/ioctl.h> 74 #include <sys/errno.h> 75 #include <sys/malloc.h> 76 #include <sys/socket.h> 77 #include <sys/socketvar.h> 78 #include <sys/sockio.h> 79 #include <sys/systm.h> 80 #include <sys/proc.h> 81 #include <sys/time.h> 82 #include <sys/kernel.h> 83 #include <sys/syslog.h> 84 #include <sys/kauth.h> 85 #include <sys/cprng.h> 86 #include <sys/kmem.h> 87 88 #include <net/if.h> 89 #include <net/if_types.h> 90 #include <net/if_llatbl.h> 91 #include <net/if_ether.h> 92 #include <net/if_dl.h> 93 #include <net/pfil.h> 94 #include <net/route.h> 95 96 #include <netinet/in.h> 97 #include <netinet/in_var.h> 98 99 #include <netinet/ip6.h> 100 #include <netinet6/ip6_var.h> 101 #include <netinet6/nd6.h> 102 #include <netinet6/mld6_var.h> 103 #include <netinet6/ip6_mroute.h> 104 #include <netinet6/in6_ifattach.h> 105 #include <netinet6/scope6_var.h> 106 107 #include <net/net_osdep.h> 108 109 #ifdef COMPAT_50 110 #include <compat/netinet6/in6_var.h> 111 #endif 112 113 MALLOC_DEFINE(M_IP6OPT, "ip6_options", "IPv6 options"); 114 115 /* enable backward compatibility code for obsoleted ioctls */ 116 #define COMPAT_IN6IFIOCTL 117 118 #ifdef IN6_DEBUG 119 #define IN6_DPRINTF(__fmt, ...) printf(__fmt, __VA_ARGS__) 120 #else 121 #define IN6_DPRINTF(__fmt, ...) do { } while (/*CONSTCOND*/0) 122 #endif /* IN6_DEBUG */ 123 124 /* 125 * Definitions of some constant IP6 addresses. 126 */ 127 const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; 128 const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; 129 const struct in6_addr in6addr_nodelocal_allnodes = 130 IN6ADDR_NODELOCAL_ALLNODES_INIT; 131 const struct in6_addr in6addr_linklocal_allnodes = 132 IN6ADDR_LINKLOCAL_ALLNODES_INIT; 133 const struct in6_addr in6addr_linklocal_allrouters = 134 IN6ADDR_LINKLOCAL_ALLROUTERS_INIT; 135 136 const struct in6_addr in6mask0 = IN6MASK0; 137 const struct in6_addr in6mask32 = IN6MASK32; 138 const struct in6_addr in6mask64 = IN6MASK64; 139 const struct in6_addr in6mask96 = IN6MASK96; 140 const struct in6_addr in6mask128 = IN6MASK128; 141 142 const struct sockaddr_in6 sa6_any = {sizeof(sa6_any), AF_INET6, 143 0, 0, IN6ADDR_ANY_INIT, 0}; 144 145 struct pslist_head in6_ifaddr_list; 146 147 static int in6_lifaddr_ioctl(struct socket *, u_long, void *, 148 struct ifnet *); 149 static int in6_ifinit(struct ifnet *, struct in6_ifaddr *, 150 const struct sockaddr_in6 *, int); 151 static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *); 152 153 void 154 in6_init(void) 155 { 156 157 PSLIST_INIT(&in6_ifaddr_list); 158 } 159 160 /* 161 * Add ownaddr as loopback rtentry. We previously add the route only if 162 * necessary (ex. on a p2p link). However, since we now manage addresses 163 * separately from prefixes, we should always add the route. We can't 164 * rely on the cloning mechanism from the corresponding interface route 165 * any more. 166 */ 167 void 168 in6_ifaddlocal(struct ifaddr *ifa) 169 { 170 171 if (IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &in6addr_any) || 172 (ifa->ifa_ifp->if_flags & IFF_POINTOPOINT && 173 IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), IFA_DSTIN6(ifa)))) 174 { 175 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 176 return; 177 } 178 179 rt_ifa_addlocal(ifa); 180 } 181 182 /* 183 * Remove loopback rtentry of ownaddr generated by in6_ifaddlocal(), 184 * if it exists. 185 */ 186 void 187 in6_ifremlocal(struct ifaddr *ifa) 188 { 189 struct in6_ifaddr *ia; 190 struct ifaddr *alt_ifa = NULL; 191 int ia_count = 0; 192 193 /* 194 * Some of BSD variants do not remove cloned routes 195 * from an interface direct route, when removing the direct route 196 * (see comments in net/net_osdep.h). Even for variants that do remove 197 * cloned routes, they could fail to remove the cloned routes when 198 * we handle multple addresses that share a common prefix. 199 * So, we should remove the route corresponding to the deleted address. 200 */ 201 202 /* 203 * Delete the entry only if exactly one ifaddr matches the 204 * address, ifa->ifa_addr. 205 * 206 * If more than one ifaddr matches, replace the ifaddr in 207 * the routing table, rt_ifa, with a different ifaddr than 208 * the one we are purging, ifa. It is important to do 209 * this, or else the routing table can accumulate dangling 210 * pointers rt->rt_ifa->ifa_ifp to destroyed interfaces, 211 * which will lead to crashes, later. (More than one ifaddr 212 * can match if we assign the same address to multiple---probably 213 * p2p---interfaces.) 214 * 215 * XXX An old comment at this place said, "we should avoid 216 * XXX such a configuration [i.e., interfaces with the same 217 * XXX addressed assigned --ed.] in IPv6...". I do not 218 * XXX agree, especially now that I have fixed the dangling 219 * XXX ifp-pointers bug. 220 */ 221 IN6_ADDRLIST_READER_FOREACH(ia) { 222 if (!IN6_ARE_ADDR_EQUAL(IFA_IN6(ifa), &ia->ia_addr.sin6_addr)) 223 continue; 224 if (ia->ia_ifp != ifa->ifa_ifp) 225 alt_ifa = &ia->ia_ifa; 226 if (++ia_count > 1 && alt_ifa != NULL) 227 break; 228 } 229 230 if (ia_count == 0) 231 return; 232 233 rt_ifa_remlocal(ifa, ia_count == 1 ? NULL : alt_ifa); 234 } 235 236 int 237 in6_mask2len(struct in6_addr *mask, u_char *lim0) 238 { 239 int x = 0, y; 240 u_char *lim = lim0, *p; 241 242 /* ignore the scope_id part */ 243 if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask)) 244 lim = (u_char *)mask + sizeof(*mask); 245 for (p = (u_char *)mask; p < lim; x++, p++) { 246 if (*p != 0xff) 247 break; 248 } 249 y = 0; 250 if (p < lim) { 251 for (y = 0; y < NBBY; y++) { 252 if ((*p & (0x80 >> y)) == 0) 253 break; 254 } 255 } 256 257 /* 258 * when the limit pointer is given, do a stricter check on the 259 * remaining bits. 260 */ 261 if (p < lim) { 262 if (y != 0 && (*p & (0x00ff >> y)) != 0) 263 return -1; 264 for (p = p + 1; p < lim; p++) 265 if (*p != 0) 266 return -1; 267 } 268 269 return x * NBBY + y; 270 } 271 272 #define ifa2ia6(ifa) ((struct in6_ifaddr *)(ifa)) 273 #define ia62ifa(ia6) (&((ia6)->ia_ifa)) 274 275 static int 276 in6_control1(struct socket *so, u_long cmd, void *data, struct ifnet *ifp) 277 { 278 struct in6_ifreq *ifr = (struct in6_ifreq *)data; 279 struct in6_ifaddr *ia = NULL; 280 struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; 281 struct sockaddr_in6 *sa6; 282 int error; 283 284 switch (cmd) { 285 case SIOCAADDRCTL_POLICY: 286 case SIOCDADDRCTL_POLICY: 287 /* Privileged. */ 288 return in6_src_ioctl(cmd, data); 289 /* 290 * XXX: Fix me, once we fix SIOCSIFADDR, SIOCIFDSTADDR, etc. 291 */ 292 case SIOCSIFADDR: 293 case SIOCSIFDSTADDR: 294 case SIOCSIFBRDADDR: 295 case SIOCSIFNETMASK: 296 return EOPNOTSUPP; 297 case SIOCGETSGCNT_IN6: 298 case SIOCGETMIFCNT_IN6: 299 return mrt6_ioctl(cmd, data); 300 case SIOCGIFADDRPREF: 301 case SIOCSIFADDRPREF: 302 if (ifp == NULL) 303 return EINVAL; 304 return ifaddrpref_ioctl(so, cmd, data, ifp); 305 } 306 307 if (ifp == NULL) 308 return EOPNOTSUPP; 309 310 switch (cmd) { 311 case SIOCSNDFLUSH_IN6: 312 case SIOCSPFXFLUSH_IN6: 313 case SIOCSRTRFLUSH_IN6: 314 case SIOCSDEFIFACE_IN6: 315 case SIOCSIFINFO_FLAGS: 316 case SIOCSIFINFO_IN6: 317 /* Privileged. */ 318 /* FALLTHROUGH */ 319 case OSIOCGIFINFO_IN6: 320 case SIOCGIFINFO_IN6: 321 case SIOCGDRLST_IN6: 322 case SIOCGPRLST_IN6: 323 case SIOCGNBRINFO_IN6: 324 case SIOCGDEFIFACE_IN6: 325 return nd6_ioctl(cmd, data, ifp); 326 } 327 328 switch (cmd) { 329 case SIOCSIFPREFIX_IN6: 330 case SIOCDIFPREFIX_IN6: 331 case SIOCAIFPREFIX_IN6: 332 case SIOCCIFPREFIX_IN6: 333 case SIOCSGIFPREFIX_IN6: 334 case SIOCGIFPREFIX_IN6: 335 log(LOG_NOTICE, 336 "prefix ioctls are now invalidated. " 337 "please use ifconfig.\n"); 338 return EOPNOTSUPP; 339 } 340 341 switch (cmd) { 342 case SIOCALIFADDR: 343 case SIOCDLIFADDR: 344 /* Privileged. */ 345 /* FALLTHROUGH */ 346 case SIOCGLIFADDR: 347 return in6_lifaddr_ioctl(so, cmd, data, ifp); 348 } 349 350 /* 351 * Find address for this interface, if it exists. 352 * 353 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation 354 * only, and used the first interface address as the target of other 355 * operations (without checking ifra_addr). This was because netinet 356 * code/API assumed at most 1 interface address per interface. 357 * Since IPv6 allows a node to assign multiple addresses 358 * on a single interface, we almost always look and check the 359 * presence of ifra_addr, and reject invalid ones here. 360 * It also decreases duplicated code among SIOC*_IN6 operations. 361 */ 362 switch (cmd) { 363 case SIOCAIFADDR_IN6: 364 #ifdef OSIOCAIFADDR_IN6 365 case OSIOCAIFADDR_IN6: 366 #endif 367 #ifdef OSIOCSIFPHYADDR_IN6 368 case OSIOCSIFPHYADDR_IN6: 369 #endif 370 case SIOCSIFPHYADDR_IN6: 371 sa6 = &ifra->ifra_addr; 372 break; 373 case SIOCSIFADDR_IN6: 374 case SIOCGIFADDR_IN6: 375 case SIOCSIFDSTADDR_IN6: 376 case SIOCSIFNETMASK_IN6: 377 case SIOCGIFDSTADDR_IN6: 378 case SIOCGIFNETMASK_IN6: 379 case SIOCDIFADDR_IN6: 380 case SIOCGIFPSRCADDR_IN6: 381 case SIOCGIFPDSTADDR_IN6: 382 case SIOCGIFAFLAG_IN6: 383 case SIOCSNDFLUSH_IN6: 384 case SIOCSPFXFLUSH_IN6: 385 case SIOCSRTRFLUSH_IN6: 386 case SIOCGIFALIFETIME_IN6: 387 #ifdef OSIOCGIFALIFETIME_IN6 388 case OSIOCGIFALIFETIME_IN6: 389 #endif 390 case SIOCGIFSTAT_IN6: 391 case SIOCGIFSTAT_ICMP6: 392 sa6 = &ifr->ifr_addr; 393 break; 394 default: 395 sa6 = NULL; 396 break; 397 } 398 if (sa6 && sa6->sin6_family == AF_INET6) { 399 if (sa6->sin6_scope_id != 0) 400 error = sa6_embedscope(sa6, 0); 401 else 402 error = in6_setscope(&sa6->sin6_addr, ifp, NULL); 403 if (error != 0) 404 return error; 405 ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr); 406 } else 407 ia = NULL; 408 409 switch (cmd) { 410 case SIOCSIFADDR_IN6: 411 case SIOCSIFDSTADDR_IN6: 412 case SIOCSIFNETMASK_IN6: 413 /* 414 * Since IPv6 allows a node to assign multiple addresses 415 * on a single interface, SIOCSIFxxx ioctls are deprecated. 416 */ 417 return EINVAL; 418 419 case SIOCDIFADDR_IN6: 420 /* 421 * for IPv4, we look for existing in_ifaddr here to allow 422 * "ifconfig if0 delete" to remove the first IPv4 address on 423 * the interface. For IPv6, as the spec allows multiple 424 * interface address from the day one, we consider "remove the 425 * first one" semantics to be not preferable. 426 */ 427 if (ia == NULL) 428 return EADDRNOTAVAIL; 429 /* FALLTHROUGH */ 430 #ifdef OSIOCAIFADDR_IN6 431 case OSIOCAIFADDR_IN6: 432 #endif 433 case SIOCAIFADDR_IN6: 434 /* 435 * We always require users to specify a valid IPv6 address for 436 * the corresponding operation. 437 */ 438 if (ifra->ifra_addr.sin6_family != AF_INET6 || 439 ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) 440 return EAFNOSUPPORT; 441 /* Privileged. */ 442 443 break; 444 445 case SIOCGIFADDR_IN6: 446 /* This interface is basically deprecated. use SIOCGIFCONF. */ 447 /* FALLTHROUGH */ 448 case SIOCGIFAFLAG_IN6: 449 case SIOCGIFNETMASK_IN6: 450 case SIOCGIFDSTADDR_IN6: 451 case SIOCGIFALIFETIME_IN6: 452 #ifdef OSIOCGIFALIFETIME_IN6 453 case OSIOCGIFALIFETIME_IN6: 454 #endif 455 /* must think again about its semantics */ 456 if (ia == NULL) 457 return EADDRNOTAVAIL; 458 break; 459 } 460 461 switch (cmd) { 462 463 case SIOCGIFADDR_IN6: 464 ifr->ifr_addr = ia->ia_addr; 465 if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0) 466 return error; 467 break; 468 469 case SIOCGIFDSTADDR_IN6: 470 if ((ifp->if_flags & IFF_POINTOPOINT) == 0) 471 return EINVAL; 472 /* 473 * XXX: should we check if ifa_dstaddr is NULL and return 474 * an error? 475 */ 476 ifr->ifr_dstaddr = ia->ia_dstaddr; 477 if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0) 478 return error; 479 break; 480 481 case SIOCGIFNETMASK_IN6: 482 ifr->ifr_addr = ia->ia_prefixmask; 483 break; 484 485 case SIOCGIFAFLAG_IN6: 486 ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags; 487 break; 488 489 case SIOCGIFSTAT_IN6: 490 if (ifp == NULL) 491 return EINVAL; 492 memset(&ifr->ifr_ifru.ifru_stat, 0, 493 sizeof(ifr->ifr_ifru.ifru_stat)); 494 ifr->ifr_ifru.ifru_stat = 495 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->in6_ifstat; 496 break; 497 498 case SIOCGIFSTAT_ICMP6: 499 if (ifp == NULL) 500 return EINVAL; 501 memset(&ifr->ifr_ifru.ifru_icmp6stat, 0, 502 sizeof(ifr->ifr_ifru.ifru_icmp6stat)); 503 ifr->ifr_ifru.ifru_icmp6stat = 504 *((struct in6_ifextra *)ifp->if_afdata[AF_INET6])->icmp6_ifstat; 505 break; 506 507 #ifdef OSIOCGIFALIFETIME_IN6 508 case OSIOCGIFALIFETIME_IN6: 509 #endif 510 case SIOCGIFALIFETIME_IN6: 511 ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime; 512 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 513 time_t maxexpire; 514 struct in6_addrlifetime *retlt = 515 &ifr->ifr_ifru.ifru_lifetime; 516 517 /* 518 * XXX: adjust expiration time assuming time_t is 519 * signed. 520 */ 521 maxexpire = ((time_t)~0) & 522 ~((time_t)1 << ((sizeof(maxexpire) * NBBY) - 1)); 523 if (ia->ia6_lifetime.ia6t_vltime < 524 maxexpire - ia->ia6_updatetime) { 525 retlt->ia6t_expire = ia->ia6_updatetime + 526 ia->ia6_lifetime.ia6t_vltime; 527 retlt->ia6t_expire = retlt->ia6t_expire ? 528 time_mono_to_wall(retlt->ia6t_expire) : 529 0; 530 } else 531 retlt->ia6t_expire = maxexpire; 532 } 533 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 534 time_t maxexpire; 535 struct in6_addrlifetime *retlt = 536 &ifr->ifr_ifru.ifru_lifetime; 537 538 /* 539 * XXX: adjust expiration time assuming time_t is 540 * signed. 541 */ 542 maxexpire = ((time_t)~0) & 543 ~((time_t)1 << ((sizeof(maxexpire) * NBBY) - 1)); 544 if (ia->ia6_lifetime.ia6t_pltime < 545 maxexpire - ia->ia6_updatetime) { 546 retlt->ia6t_preferred = ia->ia6_updatetime + 547 ia->ia6_lifetime.ia6t_pltime; 548 retlt->ia6t_preferred = retlt->ia6t_preferred ? 549 time_mono_to_wall(retlt->ia6t_preferred) : 550 0; 551 } else 552 retlt->ia6t_preferred = maxexpire; 553 } 554 #ifdef OSIOCFIFALIFETIME_IN6 555 if (cmd == OSIOCFIFALIFETIME_IN6) 556 in6_addrlifetime_to_in6_addrlifetime50( 557 &ifr->ifru.ifru_lifetime); 558 #endif 559 break; 560 561 #ifdef OSIOCAIFADDR_IN6 562 case OSIOCAIFADDR_IN6: 563 in6_aliasreq50_to_in6_aliasreq(ifra); 564 /*FALLTHROUGH*/ 565 #endif 566 case SIOCAIFADDR_IN6: 567 { 568 int i; 569 struct nd_prefixctl prc0; 570 struct nd_prefix *pr; 571 struct in6_addrlifetime *lt; 572 573 /* reject read-only flags */ 574 if ((ifra->ifra_flags & IN6_IFF_DUPLICATED) != 0 || 575 (ifra->ifra_flags & IN6_IFF_DETACHED) != 0 || 576 (ifra->ifra_flags & IN6_IFF_TENTATIVE) != 0 || 577 (ifra->ifra_flags & IN6_IFF_NODAD) != 0 || 578 (ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0) { 579 return EINVAL; 580 } 581 /* 582 * ia6t_expire and ia6t_preferred won't be used for now, 583 * so just in case. 584 */ 585 lt = &ifra->ifra_lifetime; 586 if (lt->ia6t_expire != 0) 587 lt->ia6t_expire = time_wall_to_mono(lt->ia6t_expire); 588 if (lt->ia6t_preferred != 0) 589 lt->ia6t_preferred = 590 time_wall_to_mono(lt->ia6t_preferred); 591 /* 592 * first, make or update the interface address structure, 593 * and link it to the list. 594 */ 595 if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0) 596 return error; 597 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) 598 == NULL) { 599 /* 600 * this can happen when the user specify the 0 valid 601 * lifetime. 602 */ 603 break; 604 } 605 606 /* 607 * then, make the prefix on-link on the interface. 608 * XXX: we'd rather create the prefix before the address, but 609 * we need at least one address to install the corresponding 610 * interface route, so we configure the address first. 611 */ 612 613 /* 614 * convert mask to prefix length (prefixmask has already 615 * been validated in in6_update_ifa(). 616 */ 617 memset(&prc0, 0, sizeof(prc0)); 618 prc0.ndprc_ifp = ifp; 619 prc0.ndprc_plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 620 NULL); 621 if (prc0.ndprc_plen == 128) { 622 break; /* we don't need to install a host route. */ 623 } 624 prc0.ndprc_prefix = ifra->ifra_addr; 625 /* apply the mask for safety. */ 626 for (i = 0; i < 4; i++) { 627 prc0.ndprc_prefix.sin6_addr.s6_addr32[i] &= 628 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i]; 629 } 630 /* 631 * XXX: since we don't have an API to set prefix (not address) 632 * lifetimes, we just use the same lifetimes as addresses. 633 * The (temporarily) installed lifetimes can be overridden by 634 * later advertised RAs (when accept_rtadv is non 0), which is 635 * an intended behavior. 636 */ 637 prc0.ndprc_raf_onlink = 1; /* should be configurable? */ 638 prc0.ndprc_raf_auto = 639 ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0); 640 prc0.ndprc_vltime = ifra->ifra_lifetime.ia6t_vltime; 641 prc0.ndprc_pltime = ifra->ifra_lifetime.ia6t_pltime; 642 643 /* add the prefix if not yet. */ 644 if ((pr = nd6_prefix_lookup(&prc0)) == NULL) { 645 /* 646 * nd6_prelist_add will install the corresponding 647 * interface route. 648 */ 649 if ((error = nd6_prelist_add(&prc0, NULL, &pr)) != 0) 650 return error; 651 if (pr == NULL) { 652 log(LOG_ERR, "nd6_prelist_add succeeded but " 653 "no prefix\n"); 654 return EINVAL; /* XXX panic here? */ 655 } 656 } 657 658 /* relate the address to the prefix */ 659 if (ia->ia6_ndpr == NULL) { 660 ia->ia6_ndpr = pr; 661 pr->ndpr_refcnt++; 662 663 /* 664 * If this is the first autoconf address from the 665 * prefix, create a temporary address as well 666 * (when required). 667 */ 668 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) && 669 ip6_use_tempaddr && pr->ndpr_refcnt == 1) { 670 int e; 671 if ((e = in6_tmpifadd(ia, 1, 0)) != 0) { 672 log(LOG_NOTICE, "in6_control: failed " 673 "to create a temporary address, " 674 "errno=%d\n", e); 675 } 676 } 677 } 678 679 /* 680 * this might affect the status of autoconfigured addresses, 681 * that is, this address might make other addresses detached. 682 */ 683 pfxlist_onlink_check(); 684 685 (void)pfil_run_hooks(if_pfil, (struct mbuf **)SIOCAIFADDR_IN6, 686 ifp, PFIL_IFADDR); 687 break; 688 } 689 690 case SIOCDIFADDR_IN6: 691 { 692 struct nd_prefix *pr; 693 694 /* 695 * If the address being deleted is the only one that owns 696 * the corresponding prefix, expire the prefix as well. 697 * XXX: theoretically, we don't have to worry about such 698 * relationship, since we separate the address management 699 * and the prefix management. We do this, however, to provide 700 * as much backward compatibility as possible in terms of 701 * the ioctl operation. 702 * Note that in6_purgeaddr() will decrement ndpr_refcnt. 703 */ 704 pr = ia->ia6_ndpr; 705 in6_purgeaddr(&ia->ia_ifa); 706 if (pr && pr->ndpr_refcnt == 0) 707 prelist_remove(pr); 708 (void)pfil_run_hooks(if_pfil, (struct mbuf **)SIOCDIFADDR_IN6, 709 ifp, PFIL_IFADDR); 710 break; 711 } 712 713 default: 714 return ENOTTY; 715 } 716 717 return 0; 718 } 719 720 int 721 in6_control(struct socket *so, u_long cmd, void *data, struct ifnet *ifp) 722 { 723 int error, s; 724 725 switch (cmd) { 726 case SIOCSNDFLUSH_IN6: 727 case SIOCSPFXFLUSH_IN6: 728 case SIOCSRTRFLUSH_IN6: 729 case SIOCSDEFIFACE_IN6: 730 case SIOCSIFINFO_FLAGS: 731 case SIOCSIFINFO_IN6: 732 733 case SIOCALIFADDR: 734 case SIOCDLIFADDR: 735 736 case SIOCDIFADDR_IN6: 737 #ifdef OSIOCAIFADDR_IN6 738 case OSIOCAIFADDR_IN6: 739 #endif 740 case SIOCAIFADDR_IN6: 741 742 case SIOCAADDRCTL_POLICY: 743 case SIOCDADDRCTL_POLICY: 744 745 if (kauth_authorize_network(curlwp->l_cred, 746 KAUTH_NETWORK_SOCKET, 747 KAUTH_REQ_NETWORK_SOCKET_SETPRIV, 748 so, NULL, NULL)) 749 return EPERM; 750 break; 751 } 752 753 s = splnet(); 754 error = in6_control1(so , cmd, data, ifp); 755 splx(s); 756 return error; 757 } 758 759 /* 760 * Update parameters of an IPv6 interface address. 761 * If necessary, a new entry is created and linked into address chains. 762 * This function is separated from in6_control(). 763 * XXX: should this be performed under splnet()? 764 */ 765 static int 766 in6_update_ifa1(struct ifnet *ifp, struct in6_aliasreq *ifra, 767 struct in6_ifaddr *ia, int flags) 768 { 769 int error = 0, hostIsNew = 0, plen = -1; 770 struct sockaddr_in6 dst6; 771 struct in6_addrlifetime *lt; 772 struct in6_multi_mship *imm; 773 struct in6_multi *in6m_sol; 774 struct rtentry *rt; 775 int dad_delay, was_tentative; 776 777 in6m_sol = NULL; 778 779 /* Validate parameters */ 780 if (ifp == NULL || ifra == NULL) /* this maybe redundant */ 781 return EINVAL; 782 783 /* 784 * The destination address for a p2p link must have a family 785 * of AF_UNSPEC or AF_INET6. 786 */ 787 if ((ifp->if_flags & IFF_POINTOPOINT) != 0 && 788 ifra->ifra_dstaddr.sin6_family != AF_INET6 && 789 ifra->ifra_dstaddr.sin6_family != AF_UNSPEC) 790 return EAFNOSUPPORT; 791 /* 792 * validate ifra_prefixmask. don't check sin6_family, netmask 793 * does not carry fields other than sin6_len. 794 */ 795 if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6)) 796 return EINVAL; 797 /* 798 * Because the IPv6 address architecture is classless, we require 799 * users to specify a (non 0) prefix length (mask) for a new address. 800 * We also require the prefix (when specified) mask is valid, and thus 801 * reject a non-consecutive mask. 802 */ 803 if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0) 804 return EINVAL; 805 if (ifra->ifra_prefixmask.sin6_len != 0) { 806 plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, 807 (u_char *)&ifra->ifra_prefixmask + 808 ifra->ifra_prefixmask.sin6_len); 809 if (plen <= 0) 810 return EINVAL; 811 } else { 812 /* 813 * In this case, ia must not be NULL. We just use its prefix 814 * length. 815 */ 816 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 817 } 818 /* 819 * If the destination address on a p2p interface is specified, 820 * and the address is a scoped one, validate/set the scope 821 * zone identifier. 822 */ 823 dst6 = ifra->ifra_dstaddr; 824 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 && 825 (dst6.sin6_family == AF_INET6)) { 826 struct in6_addr in6_tmp; 827 u_int32_t zoneid; 828 829 in6_tmp = dst6.sin6_addr; 830 if (in6_setscope(&in6_tmp, ifp, &zoneid)) 831 return EINVAL; /* XXX: should be impossible */ 832 833 if (dst6.sin6_scope_id != 0) { 834 if (dst6.sin6_scope_id != zoneid) 835 return EINVAL; 836 } else /* user omit to specify the ID. */ 837 dst6.sin6_scope_id = zoneid; 838 839 /* convert into the internal form */ 840 if (sa6_embedscope(&dst6, 0)) 841 return EINVAL; /* XXX: should be impossible */ 842 } 843 /* 844 * The destination address can be specified only for a p2p or a 845 * loopback interface. If specified, the corresponding prefix length 846 * must be 128. 847 */ 848 if (ifra->ifra_dstaddr.sin6_family == AF_INET6) { 849 #ifdef FORCE_P2PPLEN 850 int i; 851 #endif 852 853 if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) { 854 /* XXX: noisy message */ 855 nd6log(LOG_INFO, "a destination can " 856 "be specified for a p2p or a loopback IF only\n"); 857 return EINVAL; 858 } 859 if (plen != 128) { 860 nd6log(LOG_INFO, "prefixlen should " 861 "be 128 when dstaddr is specified\n"); 862 #ifdef FORCE_P2PPLEN 863 /* 864 * To be compatible with old configurations, 865 * such as ifconfig gif0 inet6 2001::1 2001::2 866 * prefixlen 126, we override the specified 867 * prefixmask as if the prefix length was 128. 868 */ 869 ifra->ifra_prefixmask.sin6_len = 870 sizeof(struct sockaddr_in6); 871 for (i = 0; i < 4; i++) 872 ifra->ifra_prefixmask.sin6_addr.s6_addr32[i] = 873 0xffffffff; 874 plen = 128; 875 #else 876 return EINVAL; 877 #endif 878 } 879 } 880 /* lifetime consistency check */ 881 lt = &ifra->ifra_lifetime; 882 if (lt->ia6t_pltime > lt->ia6t_vltime) 883 return EINVAL; 884 if (lt->ia6t_vltime == 0) { 885 /* 886 * the following log might be noisy, but this is a typical 887 * configuration mistake or a tool's bug. 888 */ 889 nd6log(LOG_INFO, "valid lifetime is 0 for %s\n", 890 ip6_sprintf(&ifra->ifra_addr.sin6_addr)); 891 892 if (ia == NULL) 893 return 0; /* there's nothing to do */ 894 } 895 896 /* 897 * If this is a new address, allocate a new ifaddr and link it 898 * into chains. 899 */ 900 if (ia == NULL) { 901 hostIsNew = 1; 902 /* 903 * When in6_update_ifa() is called in a process of a received 904 * RA, it is called under an interrupt context. So, we should 905 * call malloc with M_NOWAIT. 906 */ 907 ia = (struct in6_ifaddr *) malloc(sizeof(*ia), M_IFADDR, 908 M_NOWAIT); 909 if (ia == NULL) 910 return ENOBUFS; 911 memset(ia, 0, sizeof(*ia)); 912 LIST_INIT(&ia->ia6_memberships); 913 /* Initialize the address and masks, and put time stamp */ 914 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr; 915 ia->ia_addr.sin6_family = AF_INET6; 916 ia->ia_addr.sin6_len = sizeof(ia->ia_addr); 917 ia->ia6_createtime = time_uptime; 918 if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) { 919 /* 920 * XXX: some functions expect that ifa_dstaddr is not 921 * NULL for p2p interfaces. 922 */ 923 ia->ia_ifa.ifa_dstaddr = 924 (struct sockaddr *)&ia->ia_dstaddr; 925 } else { 926 ia->ia_ifa.ifa_dstaddr = NULL; 927 } 928 ia->ia_ifa.ifa_netmask = 929 (struct sockaddr *)&ia->ia_prefixmask; 930 931 ia->ia_ifp = ifp; 932 IN6_ADDRLIST_ENTRY_INIT(ia); 933 } 934 935 /* update timestamp */ 936 ia->ia6_updatetime = time_uptime; 937 938 /* set prefix mask */ 939 if (ifra->ifra_prefixmask.sin6_len) { 940 /* 941 * We prohibit changing the prefix length of an existing 942 * address, because 943 * + such an operation should be rare in IPv6, and 944 * + the operation would confuse prefix management. 945 */ 946 if (ia->ia_prefixmask.sin6_len && 947 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) { 948 nd6log(LOG_INFO, "the prefix length of an" 949 " existing (%s) address should not be changed\n", 950 ip6_sprintf(&ia->ia_addr.sin6_addr)); 951 error = EINVAL; 952 if (hostIsNew) 953 free(ia, M_IFADDR); 954 goto exit; 955 } 956 ia->ia_prefixmask = ifra->ifra_prefixmask; 957 } 958 959 /* 960 * If a new destination address is specified, scrub the old one and 961 * install the new destination. Note that the interface must be 962 * p2p or loopback (see the check above.) 963 */ 964 if (dst6.sin6_family == AF_INET6 && 965 !IN6_ARE_ADDR_EQUAL(&dst6.sin6_addr, &ia->ia_dstaddr.sin6_addr)) { 966 if ((ia->ia_flags & IFA_ROUTE) != 0 && 967 rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST) != 0) { 968 nd6log(LOG_ERR, "failed to remove " 969 "a route to the old destination: %s\n", 970 ip6_sprintf(&ia->ia_addr.sin6_addr)); 971 /* proceed anyway... */ 972 } else 973 ia->ia_flags &= ~IFA_ROUTE; 974 ia->ia_dstaddr = dst6; 975 } 976 977 /* 978 * Set lifetimes. We do not refer to ia6t_expire and ia6t_preferred 979 * to see if the address is deprecated or invalidated, but initialize 980 * these members for applications. 981 */ 982 ia->ia6_lifetime = ifra->ifra_lifetime; 983 if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) { 984 ia->ia6_lifetime.ia6t_expire = 985 time_uptime + ia->ia6_lifetime.ia6t_vltime; 986 } else 987 ia->ia6_lifetime.ia6t_expire = 0; 988 if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) { 989 ia->ia6_lifetime.ia6t_preferred = 990 time_uptime + ia->ia6_lifetime.ia6t_pltime; 991 } else 992 ia->ia6_lifetime.ia6t_preferred = 0; 993 994 /* 995 * configure address flags. 996 * We need to preserve tentative state so DAD works if 997 * something adds the same address before DAD finishes. 998 */ 999 was_tentative = ia->ia6_flags & (IN6_IFF_TENTATIVE|IN6_IFF_DUPLICATED); 1000 ia->ia6_flags = ifra->ifra_flags; 1001 1002 /* 1003 * Make the address tentative before joining multicast addresses, 1004 * so that corresponding MLD responses would not have a tentative 1005 * source address. 1006 */ 1007 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; /* safety */ 1008 if (ifp->if_link_state == LINK_STATE_DOWN) { 1009 ia->ia6_flags |= IN6_IFF_DETACHED; 1010 ia->ia6_flags &= ~IN6_IFF_TENTATIVE; 1011 } else if ((hostIsNew || was_tentative) && if_do_dad(ifp)) 1012 ia->ia6_flags |= IN6_IFF_TENTATIVE; 1013 1014 /* 1015 * backward compatibility - if IN6_IFF_DEPRECATED is set from the 1016 * userland, make it deprecated. 1017 */ 1018 if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) { 1019 ia->ia6_lifetime.ia6t_pltime = 0; 1020 ia->ia6_lifetime.ia6t_preferred = time_uptime; 1021 } 1022 1023 /* reset the interface and routing table appropriately. */ 1024 if ((error = in6_ifinit(ifp, ia, &ifra->ifra_addr, hostIsNew)) != 0) { 1025 if (hostIsNew) 1026 free(ia, M_IFADDR); 1027 goto exit; 1028 } 1029 1030 /* 1031 * We are done if we have simply modified an existing address. 1032 */ 1033 if (!hostIsNew) 1034 return error; 1035 1036 /* 1037 * Insert ia to the global list and ifa to the interface's list. 1038 */ 1039 IN6_ADDRLIST_WRITER_INSERT_TAIL(ia); 1040 1041 /* gain a refcnt for the link from in6_ifaddr */ 1042 ifaref(&ia->ia_ifa); 1043 ifa_insert(ifp, &ia->ia_ifa); 1044 1045 /* 1046 * Beyond this point, we should call in6_purgeaddr upon an error, 1047 * not just go to unlink. 1048 */ 1049 1050 /* join necessary multicast groups */ 1051 if ((ifp->if_flags & IFF_MULTICAST) != 0) { 1052 struct sockaddr_in6 mltaddr, mltmask; 1053 struct in6_addr llsol; 1054 1055 /* join solicited multicast addr for new host id */ 1056 memset(&llsol, 0, sizeof(struct in6_addr)); 1057 llsol.s6_addr16[0] = htons(0xff02); 1058 llsol.s6_addr32[1] = 0; 1059 llsol.s6_addr32[2] = htonl(1); 1060 llsol.s6_addr32[3] = ifra->ifra_addr.sin6_addr.s6_addr32[3]; 1061 llsol.s6_addr8[12] = 0xff; 1062 if ((error = in6_setscope(&llsol, ifp, NULL)) != 0) { 1063 /* XXX: should not happen */ 1064 log(LOG_ERR, "%s: in6_setscope failed\n", __func__); 1065 goto cleanup; 1066 } 1067 dad_delay = 0; 1068 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1069 /* 1070 * We need a random delay for DAD on the address 1071 * being configured. It also means delaying 1072 * transmission of the corresponding MLD report to 1073 * avoid report collision. 1074 * [draft-ietf-ipv6-rfc2462bis-02.txt] 1075 */ 1076 dad_delay = cprng_fast32() % 1077 (MAX_RTR_SOLICITATION_DELAY * hz); 1078 } 1079 1080 #define MLTMASK_LEN 4 /* mltmask's masklen (=32bit=4octet) */ 1081 /* join solicited multicast addr for new host id */ 1082 imm = in6_joingroup(ifp, &llsol, &error, dad_delay); 1083 if (!imm) { 1084 nd6log(LOG_ERR, 1085 "addmulti failed for %s on %s (errno=%d)\n", 1086 ip6_sprintf(&llsol), if_name(ifp), error); 1087 goto cleanup; 1088 } 1089 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1090 in6m_sol = imm->i6mm_maddr; 1091 1092 sockaddr_in6_init(&mltmask, &in6mask32, 0, 0, 0); 1093 1094 /* 1095 * join link-local all-nodes address 1096 */ 1097 sockaddr_in6_init(&mltaddr, &in6addr_linklocal_allnodes, 1098 0, 0, 0); 1099 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0) 1100 goto cleanup; /* XXX: should not fail */ 1101 1102 /* 1103 * XXX: do we really need this automatic routes? 1104 * We should probably reconsider this stuff. Most applications 1105 * actually do not need the routes, since they usually specify 1106 * the outgoing interface. 1107 */ 1108 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1109 if (rt) { 1110 if (memcmp(&mltaddr.sin6_addr, 1111 &satocsin6(rt_getkey(rt))->sin6_addr, 1112 MLTMASK_LEN)) { 1113 rtfree(rt); 1114 rt = NULL; 1115 } else if (rt->rt_ifp != ifp) { 1116 IN6_DPRINTF("%s: rt_ifp %p -> %p (%s) " 1117 "network %04x:%04x::/32 = %04x:%04x::/32\n", 1118 __func__, rt->rt_ifp, ifp, ifp->if_xname, 1119 ntohs(mltaddr.sin6_addr.s6_addr16[0]), 1120 ntohs(mltaddr.sin6_addr.s6_addr16[1]), 1121 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[0], 1122 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[1]); 1123 rt_replace_ifa(rt, &ia->ia_ifa); 1124 rt->rt_ifp = ifp; 1125 } 1126 } 1127 if (!rt) { 1128 struct rt_addrinfo info; 1129 1130 memset(&info, 0, sizeof(info)); 1131 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1132 info.rti_info[RTAX_GATEWAY] = 1133 (struct sockaddr *)&ia->ia_addr; 1134 info.rti_info[RTAX_NETMASK] = 1135 (struct sockaddr *)&mltmask; 1136 info.rti_info[RTAX_IFA] = 1137 (struct sockaddr *)&ia->ia_addr; 1138 /* XXX: we need RTF_CONNECTED to fake nd6_rtrequest */ 1139 info.rti_flags = RTF_UP | RTF_CONNECTED; 1140 error = rtrequest1(RTM_ADD, &info, NULL); 1141 if (error) 1142 goto cleanup; 1143 } else { 1144 rtfree(rt); 1145 } 1146 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1147 if (!imm) { 1148 nd6log(LOG_WARNING, 1149 "addmulti failed for %s on %s (errno=%d)\n", 1150 ip6_sprintf(&mltaddr.sin6_addr), 1151 if_name(ifp), error); 1152 goto cleanup; 1153 } 1154 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1155 1156 /* 1157 * join node information group address 1158 */ 1159 dad_delay = 0; 1160 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1161 /* 1162 * The spec doesn't say anything about delay for this 1163 * group, but the same logic should apply. 1164 */ 1165 dad_delay = cprng_fast32() % 1166 (MAX_RTR_SOLICITATION_DELAY * hz); 1167 } 1168 if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr) != 0) 1169 ; 1170 else if ((imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 1171 dad_delay)) == NULL) { /* XXX jinmei */ 1172 nd6log(LOG_WARNING, 1173 "addmulti failed for %s on %s (errno=%d)\n", 1174 ip6_sprintf(&mltaddr.sin6_addr), 1175 if_name(ifp), error); 1176 /* XXX not very fatal, go on... */ 1177 } else { 1178 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1179 } 1180 1181 1182 /* 1183 * join interface-local all-nodes address. 1184 * (ff01::1%ifN, and ff01::%ifN/32) 1185 */ 1186 mltaddr.sin6_addr = in6addr_nodelocal_allnodes; 1187 if ((error = in6_setscope(&mltaddr.sin6_addr, ifp, NULL)) != 0) 1188 goto cleanup; /* XXX: should not fail */ 1189 1190 /* XXX: again, do we really need the route? */ 1191 rt = rtalloc1((struct sockaddr *)&mltaddr, 0); 1192 if (rt) { 1193 /* 32bit came from "mltmask" */ 1194 if (memcmp(&mltaddr.sin6_addr, 1195 &satocsin6(rt_getkey(rt))->sin6_addr, 1196 32 / NBBY)) { 1197 rtfree(rt); 1198 rt = NULL; 1199 } else if (rt->rt_ifp != ifp) { 1200 IN6_DPRINTF("%s: rt_ifp %p -> %p (%s) " 1201 "network %04x:%04x::/32 = %04x:%04x::/32\n", 1202 __func__, rt->rt_ifp, ifp, ifp->if_xname, 1203 ntohs(mltaddr.sin6_addr.s6_addr16[0]), 1204 ntohs(mltaddr.sin6_addr.s6_addr16[1]), 1205 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[0], 1206 satocsin6(rt_getkey(rt))->sin6_addr.s6_addr16[1]); 1207 rt_replace_ifa(rt, &ia->ia_ifa); 1208 rt->rt_ifp = ifp; 1209 } 1210 } 1211 if (!rt) { 1212 struct rt_addrinfo info; 1213 1214 memset(&info, 0, sizeof(info)); 1215 info.rti_info[RTAX_DST] = (struct sockaddr *)&mltaddr; 1216 info.rti_info[RTAX_GATEWAY] = 1217 (struct sockaddr *)&ia->ia_addr; 1218 info.rti_info[RTAX_NETMASK] = 1219 (struct sockaddr *)&mltmask; 1220 info.rti_info[RTAX_IFA] = 1221 (struct sockaddr *)&ia->ia_addr; 1222 info.rti_flags = RTF_UP | RTF_CONNECTED; 1223 error = rtrequest1(RTM_ADD, &info, NULL); 1224 if (error) 1225 goto cleanup; 1226 #undef MLTMASK_LEN 1227 } else { 1228 rtfree(rt); 1229 } 1230 imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error, 0); 1231 if (!imm) { 1232 nd6log(LOG_WARNING, 1233 "addmulti failed for %s on %s (errno=%d)\n", 1234 ip6_sprintf(&mltaddr.sin6_addr), 1235 if_name(ifp), error); 1236 goto cleanup; 1237 } else { 1238 LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain); 1239 } 1240 } 1241 1242 /* Add local address to lltable, if necessary (ex. on p2p link). */ 1243 error = nd6_add_ifa_lle(ia); 1244 if (error != 0) 1245 goto cleanup; 1246 1247 /* 1248 * Perform DAD, if needed. 1249 * XXX It may be of use, if we can administratively 1250 * disable DAD. 1251 */ 1252 if (hostIsNew && if_do_dad(ifp) && 1253 ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) && 1254 (ia->ia6_flags & IN6_IFF_TENTATIVE)) 1255 { 1256 int mindelay, maxdelay; 1257 1258 dad_delay = 0; 1259 if ((flags & IN6_IFAUPDATE_DADDELAY)) { 1260 /* 1261 * We need to impose a delay before sending an NS 1262 * for DAD. Check if we also needed a delay for the 1263 * corresponding MLD message. If we did, the delay 1264 * should be larger than the MLD delay (this could be 1265 * relaxed a bit, but this simple logic is at least 1266 * safe). 1267 */ 1268 mindelay = 0; 1269 if (in6m_sol != NULL && 1270 in6m_sol->in6m_state == MLD_REPORTPENDING) { 1271 mindelay = in6m_sol->in6m_timer; 1272 } 1273 maxdelay = MAX_RTR_SOLICITATION_DELAY * hz; 1274 if (maxdelay - mindelay == 0) 1275 dad_delay = 0; 1276 else { 1277 dad_delay = 1278 (cprng_fast32() % (maxdelay - mindelay)) + 1279 mindelay; 1280 } 1281 } 1282 /* +1 ensures callout is always used */ 1283 nd6_dad_start(&ia->ia_ifa, dad_delay + 1); 1284 } 1285 1286 return 0; 1287 1288 cleanup: 1289 in6_purgeaddr(&ia->ia_ifa); 1290 exit: 1291 return error; 1292 } 1293 1294 int 1295 in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, 1296 struct in6_ifaddr *ia, int flags) 1297 { 1298 int rc, s; 1299 1300 s = splnet(); 1301 rc = in6_update_ifa1(ifp, ifra, ia, flags); 1302 splx(s); 1303 return rc; 1304 } 1305 1306 void 1307 in6_purgeaddr(struct ifaddr *ifa) 1308 { 1309 struct ifnet *ifp = ifa->ifa_ifp; 1310 struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa; 1311 struct in6_multi_mship *imm; 1312 1313 /* stop DAD processing */ 1314 nd6_dad_stop(ifa); 1315 1316 /* 1317 * delete route to the destination of the address being purged. 1318 * The interface must be p2p or loopback in this case. 1319 */ 1320 if ((ia->ia_flags & IFA_ROUTE) != 0 && ia->ia_dstaddr.sin6_len != 0) { 1321 int e; 1322 1323 if ((e = rtinit(&(ia->ia_ifa), (int)RTM_DELETE, RTF_HOST)) 1324 != 0) { 1325 log(LOG_ERR, "in6_purgeaddr: failed to remove " 1326 "a route to the p2p destination: %s on %s, " 1327 "errno=%d\n", 1328 ip6_sprintf(&ia->ia_addr.sin6_addr), if_name(ifp), 1329 e); 1330 /* proceed anyway... */ 1331 } else 1332 ia->ia_flags &= ~IFA_ROUTE; 1333 } 1334 1335 /* Remove ownaddr's loopback rtentry, if it exists. */ 1336 in6_ifremlocal(&(ia->ia_ifa)); 1337 1338 /* 1339 * leave from multicast groups we have joined for the interface 1340 */ 1341 while ((imm = LIST_FIRST(&ia->ia6_memberships)) != NULL) { 1342 LIST_REMOVE(imm, i6mm_chain); 1343 in6_leavegroup(imm); 1344 } 1345 1346 in6_unlink_ifa(ia, ifp); 1347 } 1348 1349 static void 1350 in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) 1351 { 1352 int s = splnet(); 1353 1354 ifa_remove(ifp, &ia->ia_ifa); 1355 1356 IN6_ADDRLIST_WRITER_REMOVE(ia); 1357 /* TODO psref_target_destroy */ 1358 IN6_ADDRLIST_ENTRY_DESTROY(ia); 1359 1360 /* 1361 * XXX thorpej@NetBSD.org -- if the interface is going 1362 * XXX away, don't save the multicast entries, delete them! 1363 */ 1364 if (LIST_EMPTY(&ia->ia6_multiaddrs)) 1365 ; 1366 else if (if_is_deactivated(ia->ia_ifa.ifa_ifp)) { 1367 struct in6_multi *in6m, *next; 1368 1369 for (in6m = LIST_FIRST(&ia->ia6_multiaddrs); in6m != NULL; 1370 in6m = next) { 1371 next = LIST_NEXT(in6m, in6m_entry); 1372 in6_delmulti(in6m); 1373 } 1374 } else 1375 in6_savemkludge(ia); 1376 1377 /* 1378 * Release the reference to the base prefix. There should be a 1379 * positive reference. 1380 */ 1381 if (ia->ia6_ndpr == NULL) { 1382 nd6log(LOG_NOTICE, "autoconf'ed address %p has no prefix\n", 1383 ia); 1384 } else { 1385 ia->ia6_ndpr->ndpr_refcnt--; 1386 ia->ia6_ndpr = NULL; 1387 } 1388 1389 /* 1390 * Also, if the address being removed is autoconf'ed, call 1391 * pfxlist_onlink_check() since the release might affect the status of 1392 * other (detached) addresses. 1393 */ 1394 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) != 0) 1395 pfxlist_onlink_check(); 1396 1397 /* 1398 * release another refcnt for the link from in6_ifaddr. 1399 * Note that we should decrement the refcnt at least once for all *BSD. 1400 */ 1401 ifafree(&ia->ia_ifa); 1402 1403 splx(s); 1404 } 1405 1406 void 1407 in6_purgeif(struct ifnet *ifp) 1408 { 1409 1410 in6_ifdetach(ifp); 1411 } 1412 1413 /* 1414 * SIOC[GAD]LIFADDR. 1415 * SIOCGLIFADDR: get first address. (?) 1416 * SIOCGLIFADDR with IFLR_PREFIX: 1417 * get first address that matches the specified prefix. 1418 * SIOCALIFADDR: add the specified address. 1419 * SIOCALIFADDR with IFLR_PREFIX: 1420 * add the specified prefix, filling hostid part from 1421 * the first link-local address. prefixlen must be <= 64. 1422 * SIOCDLIFADDR: delete the specified address. 1423 * SIOCDLIFADDR with IFLR_PREFIX: 1424 * delete the first address that matches the specified prefix. 1425 * return values: 1426 * EINVAL on invalid parameters 1427 * EADDRNOTAVAIL on prefix match failed/specified address not found 1428 * other values may be returned from in6_ioctl() 1429 * 1430 * NOTE: SIOCALIFADDR(with IFLR_PREFIX set) allows prefixlen less than 64. 1431 * this is to accommodate address naming scheme other than RFC2374, 1432 * in the future. 1433 * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374 1434 * address encoding scheme. (see figure on page 8) 1435 */ 1436 static int 1437 in6_lifaddr_ioctl(struct socket *so, u_long cmd, void *data, 1438 struct ifnet *ifp) 1439 { 1440 struct in6_ifaddr *ia; 1441 struct if_laddrreq *iflr = (struct if_laddrreq *)data; 1442 struct ifaddr *ifa; 1443 struct sockaddr *sa; 1444 1445 /* sanity checks */ 1446 if (!data || !ifp) { 1447 panic("invalid argument to in6_lifaddr_ioctl"); 1448 /* NOTREACHED */ 1449 } 1450 1451 switch (cmd) { 1452 case SIOCGLIFADDR: 1453 /* address must be specified on GET with IFLR_PREFIX */ 1454 if ((iflr->flags & IFLR_PREFIX) == 0) 1455 break; 1456 /* FALLTHROUGH */ 1457 case SIOCALIFADDR: 1458 case SIOCDLIFADDR: 1459 /* address must be specified on ADD and DELETE */ 1460 sa = (struct sockaddr *)&iflr->addr; 1461 if (sa->sa_family != AF_INET6) 1462 return EINVAL; 1463 if (sa->sa_len != sizeof(struct sockaddr_in6)) 1464 return EINVAL; 1465 /* XXX need improvement */ 1466 sa = (struct sockaddr *)&iflr->dstaddr; 1467 if (sa->sa_family && sa->sa_family != AF_INET6) 1468 return EINVAL; 1469 if (sa->sa_len && sa->sa_len != sizeof(struct sockaddr_in6)) 1470 return EINVAL; 1471 break; 1472 default: /* shouldn't happen */ 1473 #if 0 1474 panic("invalid cmd to in6_lifaddr_ioctl"); 1475 /* NOTREACHED */ 1476 #else 1477 return EOPNOTSUPP; 1478 #endif 1479 } 1480 if (sizeof(struct in6_addr) * NBBY < iflr->prefixlen) 1481 return EINVAL; 1482 1483 switch (cmd) { 1484 case SIOCALIFADDR: 1485 { 1486 struct in6_aliasreq ifra; 1487 struct in6_addr *xhostid = NULL; 1488 int prefixlen; 1489 1490 if ((iflr->flags & IFLR_PREFIX) != 0) { 1491 struct sockaddr_in6 *sin6; 1492 1493 /* 1494 * xhostid is to fill in the hostid part of the 1495 * address. xhostid points to the first link-local 1496 * address attached to the interface. 1497 */ 1498 ia = in6ifa_ifpforlinklocal(ifp, 0); 1499 if (ia == NULL) 1500 return EADDRNOTAVAIL; 1501 xhostid = IFA_IN6(&ia->ia_ifa); 1502 1503 /* prefixlen must be <= 64. */ 1504 if (64 < iflr->prefixlen) 1505 return EINVAL; 1506 prefixlen = iflr->prefixlen; 1507 1508 /* hostid part must be zero. */ 1509 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1510 if (sin6->sin6_addr.s6_addr32[2] != 0 1511 || sin6->sin6_addr.s6_addr32[3] != 0) { 1512 return EINVAL; 1513 } 1514 } else 1515 prefixlen = iflr->prefixlen; 1516 1517 /* copy args to in6_aliasreq, perform ioctl(SIOCAIFADDR_IN6). */ 1518 memset(&ifra, 0, sizeof(ifra)); 1519 memcpy(ifra.ifra_name, iflr->iflr_name, sizeof(ifra.ifra_name)); 1520 1521 memcpy(&ifra.ifra_addr, &iflr->addr, 1522 ((struct sockaddr *)&iflr->addr)->sa_len); 1523 if (xhostid) { 1524 /* fill in hostid part */ 1525 ifra.ifra_addr.sin6_addr.s6_addr32[2] = 1526 xhostid->s6_addr32[2]; 1527 ifra.ifra_addr.sin6_addr.s6_addr32[3] = 1528 xhostid->s6_addr32[3]; 1529 } 1530 1531 if (((struct sockaddr *)&iflr->dstaddr)->sa_family) { /* XXX */ 1532 memcpy(&ifra.ifra_dstaddr, &iflr->dstaddr, 1533 ((struct sockaddr *)&iflr->dstaddr)->sa_len); 1534 if (xhostid) { 1535 ifra.ifra_dstaddr.sin6_addr.s6_addr32[2] = 1536 xhostid->s6_addr32[2]; 1537 ifra.ifra_dstaddr.sin6_addr.s6_addr32[3] = 1538 xhostid->s6_addr32[3]; 1539 } 1540 } 1541 1542 ifra.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6); 1543 in6_prefixlen2mask(&ifra.ifra_prefixmask.sin6_addr, prefixlen); 1544 1545 ifra.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; 1546 ifra.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; 1547 ifra.ifra_flags = iflr->flags & ~IFLR_PREFIX; 1548 return in6_control(so, SIOCAIFADDR_IN6, &ifra, ifp); 1549 } 1550 case SIOCGLIFADDR: 1551 case SIOCDLIFADDR: 1552 { 1553 struct in6_addr mask, candidate, match; 1554 struct sockaddr_in6 *sin6; 1555 int cmp; 1556 1557 memset(&mask, 0, sizeof(mask)); 1558 if (iflr->flags & IFLR_PREFIX) { 1559 /* lookup a prefix rather than address. */ 1560 in6_prefixlen2mask(&mask, iflr->prefixlen); 1561 1562 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1563 memcpy(&match, &sin6->sin6_addr, sizeof(match)); 1564 match.s6_addr32[0] &= mask.s6_addr32[0]; 1565 match.s6_addr32[1] &= mask.s6_addr32[1]; 1566 match.s6_addr32[2] &= mask.s6_addr32[2]; 1567 match.s6_addr32[3] &= mask.s6_addr32[3]; 1568 1569 /* if you set extra bits, that's wrong */ 1570 if (memcmp(&match, &sin6->sin6_addr, sizeof(match))) 1571 return EINVAL; 1572 1573 cmp = 1; 1574 } else { 1575 if (cmd == SIOCGLIFADDR) { 1576 /* on getting an address, take the 1st match */ 1577 cmp = 0; /* XXX */ 1578 } else { 1579 /* on deleting an address, do exact match */ 1580 in6_prefixlen2mask(&mask, 128); 1581 sin6 = (struct sockaddr_in6 *)&iflr->addr; 1582 memcpy(&match, &sin6->sin6_addr, sizeof(match)); 1583 1584 cmp = 1; 1585 } 1586 } 1587 1588 IFADDR_READER_FOREACH(ifa, ifp) { 1589 if (ifa->ifa_addr->sa_family != AF_INET6) 1590 continue; 1591 if (!cmp) 1592 break; 1593 1594 /* 1595 * XXX: this is adhoc, but is necessary to allow 1596 * a user to specify fe80::/64 (not /10) for a 1597 * link-local address. 1598 */ 1599 memcpy(&candidate, IFA_IN6(ifa), sizeof(candidate)); 1600 in6_clearscope(&candidate); 1601 candidate.s6_addr32[0] &= mask.s6_addr32[0]; 1602 candidate.s6_addr32[1] &= mask.s6_addr32[1]; 1603 candidate.s6_addr32[2] &= mask.s6_addr32[2]; 1604 candidate.s6_addr32[3] &= mask.s6_addr32[3]; 1605 if (IN6_ARE_ADDR_EQUAL(&candidate, &match)) 1606 break; 1607 } 1608 if (!ifa) 1609 return EADDRNOTAVAIL; 1610 ia = ifa2ia6(ifa); 1611 1612 if (cmd == SIOCGLIFADDR) { 1613 int error; 1614 1615 /* fill in the if_laddrreq structure */ 1616 memcpy(&iflr->addr, &ia->ia_addr, ia->ia_addr.sin6_len); 1617 error = sa6_recoverscope( 1618 (struct sockaddr_in6 *)&iflr->addr); 1619 if (error != 0) 1620 return error; 1621 1622 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1623 memcpy(&iflr->dstaddr, &ia->ia_dstaddr, 1624 ia->ia_dstaddr.sin6_len); 1625 error = sa6_recoverscope( 1626 (struct sockaddr_in6 *)&iflr->dstaddr); 1627 if (error != 0) 1628 return error; 1629 } else 1630 memset(&iflr->dstaddr, 0, sizeof(iflr->dstaddr)); 1631 1632 iflr->prefixlen = 1633 in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); 1634 1635 iflr->flags = ia->ia6_flags; /* XXX */ 1636 1637 return 0; 1638 } else { 1639 struct in6_aliasreq ifra; 1640 1641 /* fill in6_aliasreq and do ioctl(SIOCDIFADDR_IN6) */ 1642 memset(&ifra, 0, sizeof(ifra)); 1643 memcpy(ifra.ifra_name, iflr->iflr_name, 1644 sizeof(ifra.ifra_name)); 1645 1646 memcpy(&ifra.ifra_addr, &ia->ia_addr, 1647 ia->ia_addr.sin6_len); 1648 if ((ifp->if_flags & IFF_POINTOPOINT) != 0) { 1649 memcpy(&ifra.ifra_dstaddr, &ia->ia_dstaddr, 1650 ia->ia_dstaddr.sin6_len); 1651 } else { 1652 memset(&ifra.ifra_dstaddr, 0, 1653 sizeof(ifra.ifra_dstaddr)); 1654 } 1655 memcpy(&ifra.ifra_dstaddr, &ia->ia_prefixmask, 1656 ia->ia_prefixmask.sin6_len); 1657 1658 ifra.ifra_flags = ia->ia6_flags; 1659 return in6_control(so, SIOCDIFADDR_IN6, &ifra, ifp); 1660 } 1661 } 1662 } 1663 1664 return EOPNOTSUPP; /* just for safety */ 1665 } 1666 1667 /* 1668 * Initialize an interface's internet6 address 1669 * and routing table entry. 1670 */ 1671 static int 1672 in6_ifinit(struct ifnet *ifp, struct in6_ifaddr *ia, 1673 const struct sockaddr_in6 *sin6, int newhost) 1674 { 1675 int error = 0, plen, ifacount = 0; 1676 int s = splnet(); 1677 struct ifaddr *ifa; 1678 1679 /* 1680 * Give the interface a chance to initialize 1681 * if this is its first address, 1682 * and to validate the address if necessary. 1683 */ 1684 IFADDR_READER_FOREACH(ifa, ifp) { 1685 if (ifa->ifa_addr->sa_family != AF_INET6) 1686 continue; 1687 ifacount++; 1688 } 1689 1690 ia->ia_addr = *sin6; 1691 1692 if (ifacount <= 0 && 1693 (error = if_addr_init(ifp, &ia->ia_ifa, true)) != 0) { 1694 splx(s); 1695 return error; 1696 } 1697 splx(s); 1698 1699 ia->ia_ifa.ifa_metric = ifp->if_metric; 1700 1701 /* we could do in(6)_socktrim here, but just omit it at this moment. */ 1702 1703 /* 1704 * Special case: 1705 * If the destination address is specified for a point-to-point 1706 * interface, install a route to the destination as an interface 1707 * direct route. 1708 */ 1709 plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */ 1710 if (plen == 128 && ia->ia_dstaddr.sin6_family == AF_INET6) { 1711 if ((error = rtinit(&ia->ia_ifa, RTM_ADD, 1712 RTF_UP | RTF_HOST)) != 0) 1713 return error; 1714 ia->ia_flags |= IFA_ROUTE; 1715 } 1716 1717 /* Add ownaddr as loopback rtentry, if necessary (ex. on p2p link). */ 1718 if (newhost) { 1719 /* set the rtrequest function to create llinfo */ 1720 if (ifp->if_flags & IFF_POINTOPOINT) 1721 ia->ia_ifa.ifa_rtrequest = p2p_rtrequest; 1722 else if ((ifp->if_flags & IFF_LOOPBACK) == 0) 1723 ia->ia_ifa.ifa_rtrequest = nd6_rtrequest; 1724 in6_ifaddlocal(&ia->ia_ifa); 1725 } else { 1726 /* Inform the routing socket of new flags/timings */ 1727 rt_newaddrmsg(RTM_NEWADDR, &ia->ia_ifa, 0, NULL); 1728 } 1729 1730 if (ifp->if_flags & IFF_MULTICAST) 1731 in6_restoremkludge(ia, ifp); 1732 1733 return error; 1734 } 1735 1736 static struct ifaddr * 1737 bestifa(struct ifaddr *best_ifa, struct ifaddr *ifa) 1738 { 1739 if (best_ifa == NULL || best_ifa->ifa_preference < ifa->ifa_preference) 1740 return ifa; 1741 return best_ifa; 1742 } 1743 1744 /* 1745 * Find an IPv6 interface link-local address specific to an interface. 1746 */ 1747 struct in6_ifaddr * 1748 in6ifa_ifpforlinklocal(const struct ifnet *ifp, const int ignoreflags) 1749 { 1750 struct ifaddr *best_ifa = NULL, *ifa; 1751 1752 IFADDR_READER_FOREACH(ifa, ifp) { 1753 if (ifa->ifa_addr->sa_family != AF_INET6) 1754 continue; 1755 if (!IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) 1756 continue; 1757 if ((((struct in6_ifaddr *)ifa)->ia6_flags & ignoreflags) != 0) 1758 continue; 1759 best_ifa = bestifa(best_ifa, ifa); 1760 } 1761 1762 return (struct in6_ifaddr *)best_ifa; 1763 } 1764 1765 /* 1766 * find the internet address corresponding to a given address. 1767 * ifaddr is returned referenced. 1768 */ 1769 struct in6_ifaddr * 1770 in6ifa_ifwithaddr(const struct in6_addr *addr, uint32_t zoneid) 1771 { 1772 struct in6_ifaddr *ia; 1773 1774 #ifdef __FreeBSD__ 1775 IN6_IFADDR_RLOCK(); 1776 LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) { 1777 #else 1778 IN6_ADDRLIST_READER_FOREACH(ia) { 1779 #endif 1780 if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), addr)) { 1781 if (zoneid != 0 && 1782 zoneid != ia->ia_addr.sin6_scope_id) 1783 continue; 1784 ifaref(&ia->ia_ifa); 1785 break; 1786 } 1787 } 1788 #ifdef __FreeBSD__ 1789 IN6_IFADDR_RUNLOCK(); 1790 #endif 1791 return ia; 1792 } 1793 1794 /* 1795 * find the internet address corresponding to a given interface and address. 1796 */ 1797 struct in6_ifaddr * 1798 in6ifa_ifpwithaddr(const struct ifnet *ifp, const struct in6_addr *addr) 1799 { 1800 struct ifaddr *best_ifa = NULL, *ifa; 1801 1802 IFADDR_READER_FOREACH(ifa, ifp) { 1803 if (ifa->ifa_addr->sa_family != AF_INET6) 1804 continue; 1805 if (!IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) 1806 continue; 1807 best_ifa = bestifa(best_ifa, ifa); 1808 } 1809 1810 return (struct in6_ifaddr *)best_ifa; 1811 } 1812 1813 static struct in6_ifaddr * 1814 bestia(struct in6_ifaddr *best_ia, struct in6_ifaddr *ia) 1815 { 1816 if (best_ia == NULL || 1817 best_ia->ia_ifa.ifa_preference < ia->ia_ifa.ifa_preference) 1818 return ia; 1819 return best_ia; 1820 } 1821 1822 /* 1823 * Convert IP6 address to printable (loggable) representation. 1824 */ 1825 char * 1826 ip6_sprintf(const struct in6_addr *addr) 1827 { 1828 static int ip6round = 0; 1829 static char ip6buf[8][INET6_ADDRSTRLEN]; 1830 char *cp = ip6buf[ip6round++ & 7]; 1831 1832 in6_print(cp, INET6_ADDRSTRLEN, addr); 1833 return cp; 1834 } 1835 1836 /* 1837 * Determine if an address is on a local network. 1838 */ 1839 int 1840 in6_localaddr(const struct in6_addr *in6) 1841 { 1842 struct in6_ifaddr *ia; 1843 1844 if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) 1845 return 1; 1846 1847 IN6_ADDRLIST_READER_FOREACH(ia) { 1848 if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr, 1849 &ia->ia_prefixmask.sin6_addr)) 1850 return 1; 1851 } 1852 1853 return 0; 1854 } 1855 1856 int 1857 in6_is_addr_deprecated(struct sockaddr_in6 *sa6) 1858 { 1859 struct in6_ifaddr *ia; 1860 1861 IN6_ADDRLIST_READER_FOREACH(ia) { 1862 if (IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, 1863 &sa6->sin6_addr) && 1864 #ifdef SCOPEDROUTING 1865 ia->ia_addr.sin6_scope_id == sa6->sin6_scope_id && 1866 #endif 1867 (ia->ia6_flags & IN6_IFF_DEPRECATED) != 0) 1868 return 1; /* true */ 1869 1870 /* XXX: do we still have to go thru the rest of the list? */ 1871 } 1872 1873 return 0; /* false */ 1874 } 1875 1876 /* 1877 * return length of part which dst and src are equal 1878 * hard coding... 1879 */ 1880 int 1881 in6_matchlen(struct in6_addr *src, struct in6_addr *dst) 1882 { 1883 int match = 0; 1884 u_char *s = (u_char *)src, *d = (u_char *)dst; 1885 u_char *lim = s + 16, r; 1886 1887 while (s < lim) 1888 if ((r = (*d++ ^ *s++)) != 0) { 1889 while (r < 128) { 1890 match++; 1891 r <<= 1; 1892 } 1893 break; 1894 } else 1895 match += NBBY; 1896 return match; 1897 } 1898 1899 /* XXX: to be scope conscious */ 1900 int 1901 in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len) 1902 { 1903 int bytelen, bitlen; 1904 1905 /* sanity check */ 1906 if (len < 0 || len > 128) { 1907 log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n", 1908 len); 1909 return 0; 1910 } 1911 1912 bytelen = len / NBBY; 1913 bitlen = len % NBBY; 1914 1915 if (memcmp(&p1->s6_addr, &p2->s6_addr, bytelen)) 1916 return 0; 1917 if (bitlen != 0 && 1918 p1->s6_addr[bytelen] >> (NBBY - bitlen) != 1919 p2->s6_addr[bytelen] >> (NBBY - bitlen)) 1920 return 0; 1921 1922 return 1; 1923 } 1924 1925 void 1926 in6_prefixlen2mask(struct in6_addr *maskp, int len) 1927 { 1928 static const u_char maskarray[NBBY] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; 1929 int bytelen, bitlen, i; 1930 1931 /* sanity check */ 1932 if (len < 0 || len > 128) { 1933 log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n", 1934 len); 1935 return; 1936 } 1937 1938 memset(maskp, 0, sizeof(*maskp)); 1939 bytelen = len / NBBY; 1940 bitlen = len % NBBY; 1941 for (i = 0; i < bytelen; i++) 1942 maskp->s6_addr[i] = 0xff; 1943 if (bitlen) 1944 maskp->s6_addr[bytelen] = maskarray[bitlen - 1]; 1945 } 1946 1947 /* 1948 * return the best address out of the same scope. if no address was 1949 * found, return the first valid address from designated IF. 1950 */ 1951 struct in6_ifaddr * 1952 in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) 1953 { 1954 int dst_scope = in6_addrscope(dst), blen = -1, tlen; 1955 struct ifaddr *ifa; 1956 struct in6_ifaddr *best_ia = NULL, *ia; 1957 struct in6_ifaddr *dep[2]; /* last-resort: deprecated */ 1958 1959 dep[0] = dep[1] = NULL; 1960 1961 /* 1962 * We first look for addresses in the same scope. 1963 * If there is one, return it. 1964 * If two or more, return one which matches the dst longest. 1965 * If none, return one of global addresses assigned other ifs. 1966 */ 1967 IFADDR_READER_FOREACH(ifa, ifp) { 1968 if (ifa->ifa_addr->sa_family != AF_INET6) 1969 continue; 1970 ia = (struct in6_ifaddr *)ifa; 1971 if (ia->ia6_flags & IN6_IFF_ANYCAST) 1972 continue; /* XXX: is there any case to allow anycast? */ 1973 if (ia->ia6_flags & IN6_IFF_NOTREADY) 1974 continue; /* don't use this interface */ 1975 if (ia->ia6_flags & IN6_IFF_DETACHED) 1976 continue; 1977 if (ia->ia6_flags & IN6_IFF_DEPRECATED) { 1978 if (ip6_use_deprecated) 1979 dep[0] = ia; 1980 continue; 1981 } 1982 1983 if (dst_scope != in6_addrscope(IFA_IN6(ifa))) 1984 continue; 1985 /* 1986 * call in6_matchlen() as few as possible 1987 */ 1988 if (best_ia == NULL) { 1989 best_ia = ia; 1990 continue; 1991 } 1992 if (blen == -1) 1993 blen = in6_matchlen(&best_ia->ia_addr.sin6_addr, dst); 1994 tlen = in6_matchlen(IFA_IN6(ifa), dst); 1995 if (tlen > blen) { 1996 blen = tlen; 1997 best_ia = ia; 1998 } else if (tlen == blen) 1999 best_ia = bestia(best_ia, ia); 2000 } 2001 if (best_ia != NULL) 2002 return best_ia; 2003 2004 IFADDR_READER_FOREACH(ifa, ifp) { 2005 if (ifa->ifa_addr->sa_family != AF_INET6) 2006 continue; 2007 ia = (struct in6_ifaddr *)ifa; 2008 if (ia->ia6_flags & IN6_IFF_ANYCAST) 2009 continue; /* XXX: is there any case to allow anycast? */ 2010 if (ia->ia6_flags & IN6_IFF_NOTREADY) 2011 continue; /* don't use this interface */ 2012 if (ia->ia6_flags & IN6_IFF_DETACHED) 2013 continue; 2014 if (ia->ia6_flags & IN6_IFF_DEPRECATED) { 2015 if (ip6_use_deprecated) 2016 dep[1] = (struct in6_ifaddr *)ifa; 2017 continue; 2018 } 2019 2020 best_ia = bestia(best_ia, ia); 2021 } 2022 if (best_ia != NULL) 2023 return best_ia; 2024 2025 /* use the last-resort values, that are, deprecated addresses */ 2026 if (dep[0]) 2027 return dep[0]; 2028 if (dep[1]) 2029 return dep[1]; 2030 2031 return NULL; 2032 } 2033 2034 /* 2035 * perform DAD when interface becomes IFF_UP. 2036 */ 2037 void 2038 in6_if_link_up(struct ifnet *ifp) 2039 { 2040 struct ifaddr *ifa; 2041 struct in6_ifaddr *ia; 2042 2043 /* Ensure it's sane to run DAD */ 2044 if (ifp->if_link_state == LINK_STATE_DOWN) 2045 return; 2046 if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) 2047 return; 2048 2049 IFADDR_READER_FOREACH(ifa, ifp) { 2050 if (ifa->ifa_addr->sa_family != AF_INET6) 2051 continue; 2052 ia = (struct in6_ifaddr *)ifa; 2053 2054 /* If detached then mark as tentative */ 2055 if (ia->ia6_flags & IN6_IFF_DETACHED) { 2056 ia->ia6_flags &= ~IN6_IFF_DETACHED; 2057 if (if_do_dad(ifp)) { 2058 ia->ia6_flags |= IN6_IFF_TENTATIVE; 2059 nd6log(LOG_ERR, "%s marked tentative\n", 2060 ip6_sprintf(&ia->ia_addr.sin6_addr)); 2061 } else if ((ia->ia6_flags & IN6_IFF_TENTATIVE) == 0) 2062 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 2063 } 2064 2065 if (ia->ia6_flags & IN6_IFF_TENTATIVE) { 2066 int rand_delay; 2067 2068 /* Clear the duplicated flag as we're starting DAD. */ 2069 ia->ia6_flags &= ~IN6_IFF_DUPLICATED; 2070 2071 /* 2072 * The TENTATIVE flag was likely set by hand 2073 * beforehand, implicitly indicating the need for DAD. 2074 * We may be able to skip the random delay in this 2075 * case, but we impose delays just in case. 2076 */ 2077 rand_delay = cprng_fast32() % 2078 (MAX_RTR_SOLICITATION_DELAY * hz); 2079 /* +1 ensures callout is always used */ 2080 nd6_dad_start(ifa, rand_delay + 1); 2081 } 2082 } 2083 2084 /* Restore any detached prefixes */ 2085 pfxlist_onlink_check(); 2086 } 2087 2088 void 2089 in6_if_up(struct ifnet *ifp) 2090 { 2091 2092 /* 2093 * special cases, like 6to4, are handled in in6_ifattach 2094 */ 2095 in6_ifattach(ifp, NULL); 2096 2097 /* interface may not support link state, so bring it up also */ 2098 in6_if_link_up(ifp); 2099 } 2100 2101 /* 2102 * Mark all addresses as detached. 2103 */ 2104 void 2105 in6_if_link_down(struct ifnet *ifp) 2106 { 2107 struct ifaddr *ifa; 2108 struct in6_ifaddr *ia; 2109 2110 /* Any prefixes on this interface should be detached as well */ 2111 pfxlist_onlink_check(); 2112 2113 IFADDR_READER_FOREACH(ifa, ifp) { 2114 if (ifa->ifa_addr->sa_family != AF_INET6) 2115 continue; 2116 ia = (struct in6_ifaddr *)ifa; 2117 2118 /* Stop DAD processing */ 2119 nd6_dad_stop(ifa); 2120 2121 /* 2122 * Mark the address as detached. 2123 * This satisfies RFC4862 Section 5.3, but we should apply 2124 * this logic to all addresses to be a good citizen and 2125 * avoid potential duplicated addresses. 2126 * When the interface comes up again, detached addresses 2127 * are marked tentative and DAD commences. 2128 */ 2129 if (!(ia->ia6_flags & IN6_IFF_DETACHED)) { 2130 nd6log(LOG_DEBUG, "%s marked detached\n", 2131 ip6_sprintf(&ia->ia_addr.sin6_addr)); 2132 ia->ia6_flags |= IN6_IFF_DETACHED; 2133 ia->ia6_flags &= 2134 ~(IN6_IFF_TENTATIVE | IN6_IFF_DUPLICATED); 2135 rt_newaddrmsg(RTM_NEWADDR, ifa, 0, NULL); 2136 } 2137 } 2138 } 2139 2140 void 2141 in6_if_down(struct ifnet *ifp) 2142 { 2143 2144 in6_if_link_down(ifp); 2145 } 2146 2147 void 2148 in6_if_link_state_change(struct ifnet *ifp, int link_state) 2149 { 2150 2151 switch (link_state) { 2152 case LINK_STATE_DOWN: 2153 in6_if_link_down(ifp); 2154 break; 2155 case LINK_STATE_UP: 2156 in6_if_link_up(ifp); 2157 break; 2158 } 2159 } 2160 2161 /* 2162 * Calculate max IPv6 MTU through all the interfaces and store it 2163 * to in6_maxmtu. 2164 */ 2165 void 2166 in6_setmaxmtu(void) 2167 { 2168 unsigned long maxmtu = 0; 2169 struct ifnet *ifp; 2170 int s; 2171 2172 s = pserialize_read_enter(); 2173 IFNET_READER_FOREACH(ifp) { 2174 /* this function can be called during ifnet initialization */ 2175 if (!ifp->if_afdata[AF_INET6]) 2176 continue; 2177 if ((ifp->if_flags & IFF_LOOPBACK) == 0 && 2178 IN6_LINKMTU(ifp) > maxmtu) 2179 maxmtu = IN6_LINKMTU(ifp); 2180 } 2181 pserialize_read_exit(s); 2182 if (maxmtu) /* update only when maxmtu is positive */ 2183 in6_maxmtu = maxmtu; 2184 } 2185 2186 /* 2187 * Provide the length of interface identifiers to be used for the link attached 2188 * to the given interface. The length should be defined in "IPv6 over 2189 * xxx-link" document. Note that address architecture might also define 2190 * the length for a particular set of address prefixes, regardless of the 2191 * link type. As clarified in rfc2462bis, those two definitions should be 2192 * consistent, and those really are as of August 2004. 2193 */ 2194 int 2195 in6_if2idlen(struct ifnet *ifp) 2196 { 2197 switch (ifp->if_type) { 2198 case IFT_ETHER: /* RFC2464 */ 2199 case IFT_PROPVIRTUAL: /* XXX: no RFC. treat it as ether */ 2200 case IFT_L2VLAN: /* ditto */ 2201 case IFT_IEEE80211: /* ditto */ 2202 case IFT_FDDI: /* RFC2467 */ 2203 case IFT_ISO88025: /* RFC2470 (IPv6 over Token Ring) */ 2204 case IFT_PPP: /* RFC2472 */ 2205 case IFT_ARCNET: /* RFC2497 */ 2206 case IFT_FRELAY: /* RFC2590 */ 2207 case IFT_IEEE1394: /* RFC3146 */ 2208 case IFT_GIF: /* draft-ietf-v6ops-mech-v2-07 */ 2209 case IFT_LOOP: /* XXX: is this really correct? */ 2210 return 64; 2211 default: 2212 /* 2213 * Unknown link type: 2214 * It might be controversial to use the today's common constant 2215 * of 64 for these cases unconditionally. For full compliance, 2216 * we should return an error in this case. On the other hand, 2217 * if we simply miss the standard for the link type or a new 2218 * standard is defined for a new link type, the IFID length 2219 * is very likely to be the common constant. As a compromise, 2220 * we always use the constant, but make an explicit notice 2221 * indicating the "unknown" case. 2222 */ 2223 printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type); 2224 return 64; 2225 } 2226 } 2227 2228 struct in6_llentry { 2229 struct llentry base; 2230 }; 2231 2232 #define IN6_LLTBL_DEFAULT_HSIZE 32 2233 #define IN6_LLTBL_HASH(k, h) \ 2234 (((((((k >> 8) ^ k) >> 8) ^ k) >> 8) ^ k) & ((h) - 1)) 2235 2236 /* 2237 * Do actual deallocation of @lle. 2238 * Called by LLE_FREE_LOCKED when number of references 2239 * drops to zero. 2240 */ 2241 static void 2242 in6_lltable_destroy_lle(struct llentry *lle) 2243 { 2244 2245 LLE_WUNLOCK(lle); 2246 LLE_LOCK_DESTROY(lle); 2247 kmem_intr_free(lle, sizeof(struct in6_llentry)); 2248 } 2249 2250 static struct llentry * 2251 in6_lltable_new(const struct in6_addr *addr6, u_int flags) 2252 { 2253 struct in6_llentry *lle; 2254 2255 lle = kmem_intr_zalloc(sizeof(struct in6_llentry), KM_NOSLEEP); 2256 if (lle == NULL) /* NB: caller generates msg */ 2257 return NULL; 2258 2259 lle->base.r_l3addr.addr6 = *addr6; 2260 lle->base.lle_refcnt = 1; 2261 lle->base.lle_free = in6_lltable_destroy_lle; 2262 LLE_LOCK_INIT(&lle->base); 2263 callout_init(&lle->base.lle_timer, CALLOUT_MPSAFE); 2264 2265 return &lle->base; 2266 } 2267 2268 static int 2269 in6_lltable_match_prefix(const struct sockaddr *prefix, 2270 const struct sockaddr *mask, u_int flags, struct llentry *lle) 2271 { 2272 const struct sockaddr_in6 *pfx = (const struct sockaddr_in6 *)prefix; 2273 const struct sockaddr_in6 *msk = (const struct sockaddr_in6 *)mask; 2274 2275 if (IN6_ARE_MASKED_ADDR_EQUAL(&lle->r_l3addr.addr6, 2276 &pfx->sin6_addr, &msk->sin6_addr) && 2277 ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))) 2278 return 1; 2279 2280 return 0; 2281 } 2282 2283 static void 2284 in6_lltable_free_entry(struct lltable *llt, struct llentry *lle) 2285 { 2286 struct ifnet *ifp __diagused; 2287 2288 LLE_WLOCK_ASSERT(lle); 2289 KASSERT(llt != NULL); 2290 2291 /* Unlink entry from table */ 2292 if ((lle->la_flags & LLE_LINKED) != 0) { 2293 2294 ifp = llt->llt_ifp; 2295 IF_AFDATA_WLOCK_ASSERT(ifp); 2296 lltable_unlink_entry(llt, lle); 2297 } 2298 2299 KASSERT(mutex_owned(softnet_lock)); 2300 callout_halt(&lle->lle_timer, softnet_lock); 2301 LLE_REMREF(lle); 2302 2303 llentry_free(lle); 2304 } 2305 2306 static int 2307 in6_lltable_rtcheck(struct ifnet *ifp, 2308 u_int flags, 2309 const struct sockaddr *l3addr) 2310 { 2311 struct rtentry *rt; 2312 2313 KASSERTMSG(l3addr->sa_family == AF_INET6, 2314 "sin_family %d", l3addr->sa_family); 2315 2316 rt = rtalloc1(l3addr, 0); 2317 if (rt == NULL || (rt->rt_flags & RTF_GATEWAY) || rt->rt_ifp != ifp) { 2318 struct ifaddr *ifa; 2319 /* 2320 * Create an ND6 cache for an IPv6 neighbor 2321 * that is not covered by our own prefix. 2322 */ 2323 /* XXX ifaof_ifpforaddr should take a const param */ 2324 ifa = ifaof_ifpforaddr(l3addr, ifp); 2325 if (ifa != NULL) { 2326 ifafree(ifa); 2327 if (rt != NULL) 2328 rtfree(rt); 2329 return 0; 2330 } 2331 log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n", 2332 ip6_sprintf(&((const struct sockaddr_in6 *)l3addr)->sin6_addr)); 2333 if (rt != NULL) 2334 rtfree(rt); 2335 return EINVAL; 2336 } 2337 rtfree(rt); 2338 return 0; 2339 } 2340 2341 static inline uint32_t 2342 in6_lltable_hash_dst(const struct in6_addr *dst, uint32_t hsize) 2343 { 2344 2345 return IN6_LLTBL_HASH(dst->s6_addr32[3], hsize); 2346 } 2347 2348 static uint32_t 2349 in6_lltable_hash(const struct llentry *lle, uint32_t hsize) 2350 { 2351 2352 return in6_lltable_hash_dst(&lle->r_l3addr.addr6, hsize); 2353 } 2354 2355 static void 2356 in6_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa) 2357 { 2358 struct sockaddr_in6 *sin6; 2359 2360 sin6 = (struct sockaddr_in6 *)sa; 2361 bzero(sin6, sizeof(*sin6)); 2362 sin6->sin6_family = AF_INET6; 2363 sin6->sin6_len = sizeof(*sin6); 2364 sin6->sin6_addr = lle->r_l3addr.addr6; 2365 } 2366 2367 static inline struct llentry * 2368 in6_lltable_find_dst(struct lltable *llt, const struct in6_addr *dst) 2369 { 2370 struct llentry *lle; 2371 struct llentries *lleh; 2372 u_int hashidx; 2373 2374 hashidx = in6_lltable_hash_dst(dst, llt->llt_hsize); 2375 lleh = &llt->lle_head[hashidx]; 2376 LIST_FOREACH(lle, lleh, lle_next) { 2377 if (lle->la_flags & LLE_DELETED) 2378 continue; 2379 if (IN6_ARE_ADDR_EQUAL(&lle->r_l3addr.addr6, dst)) 2380 break; 2381 } 2382 2383 return lle; 2384 } 2385 2386 static int 2387 in6_lltable_delete(struct lltable *llt, u_int flags, 2388 const struct sockaddr *l3addr) 2389 { 2390 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2391 struct llentry *lle; 2392 2393 IF_AFDATA_WLOCK_ASSERT(llt->llt_ifp); 2394 KASSERTMSG(l3addr->sa_family == AF_INET6, 2395 "sin_family %d", l3addr->sa_family); 2396 2397 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr); 2398 2399 if (lle == NULL) 2400 return ENOENT; 2401 2402 LLE_WLOCK(lle); 2403 lle->la_flags |= LLE_DELETED; 2404 #ifdef DIAGNOSTIC 2405 log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle); 2406 #endif 2407 if ((lle->la_flags & (LLE_STATIC | LLE_IFADDR)) == LLE_STATIC) 2408 llentry_free(lle); 2409 else 2410 LLE_WUNLOCK(lle); 2411 2412 return 0; 2413 } 2414 2415 static struct llentry * 2416 in6_lltable_create(struct lltable *llt, u_int flags, 2417 const struct sockaddr *l3addr) 2418 { 2419 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2420 struct ifnet *ifp = llt->llt_ifp; 2421 struct llentry *lle; 2422 2423 IF_AFDATA_WLOCK_ASSERT(ifp); 2424 KASSERTMSG(l3addr->sa_family == AF_INET6, 2425 "sin_family %d", l3addr->sa_family); 2426 2427 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr); 2428 2429 if (lle != NULL) { 2430 LLE_WLOCK(lle); 2431 return lle; 2432 } 2433 2434 /* 2435 * A route that covers the given address must have 2436 * been installed 1st because we are doing a resolution, 2437 * verify this. 2438 */ 2439 if (!(flags & LLE_IFADDR) && 2440 in6_lltable_rtcheck(ifp, flags, l3addr) != 0) 2441 return NULL; 2442 2443 lle = in6_lltable_new(&sin6->sin6_addr, flags); 2444 if (lle == NULL) { 2445 log(LOG_INFO, "lla_lookup: new lle malloc failed\n"); 2446 return NULL; 2447 } 2448 lle->la_flags = flags; 2449 if ((flags & LLE_IFADDR) == LLE_IFADDR) { 2450 memcpy(&lle->ll_addr, CLLADDR(ifp->if_sadl), ifp->if_addrlen); 2451 lle->la_flags |= LLE_VALID; 2452 } 2453 2454 lltable_link_entry(llt, lle); 2455 LLE_WLOCK(lle); 2456 2457 return lle; 2458 } 2459 2460 static struct llentry * 2461 in6_lltable_lookup(struct lltable *llt, u_int flags, 2462 const struct sockaddr *l3addr) 2463 { 2464 const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr; 2465 struct llentry *lle; 2466 2467 IF_AFDATA_LOCK_ASSERT(llt->llt_ifp); 2468 KASSERTMSG(l3addr->sa_family == AF_INET6, 2469 "sin_family %d", l3addr->sa_family); 2470 2471 lle = in6_lltable_find_dst(llt, &sin6->sin6_addr); 2472 2473 if (lle == NULL) 2474 return NULL; 2475 2476 if (flags & LLE_EXCLUSIVE) 2477 LLE_WLOCK(lle); 2478 else 2479 LLE_RLOCK(lle); 2480 return lle; 2481 } 2482 2483 static int 2484 in6_lltable_dump_entry(struct lltable *llt, struct llentry *lle, 2485 struct rt_walkarg *w) 2486 { 2487 struct sockaddr_in6 sin6; 2488 2489 LLTABLE_LOCK_ASSERT(); 2490 2491 /* skip deleted entries */ 2492 if (lle->la_flags & LLE_DELETED) 2493 return 0; 2494 2495 sockaddr_in6_init(&sin6, &lle->r_l3addr.addr6, 0, 0, 0); 2496 2497 return lltable_dump_entry(llt, lle, w, sin6tosa(&sin6)); 2498 } 2499 2500 static struct lltable * 2501 in6_lltattach(struct ifnet *ifp) 2502 { 2503 struct lltable *llt; 2504 2505 llt = lltable_allocate_htbl(IN6_LLTBL_DEFAULT_HSIZE); 2506 llt->llt_af = AF_INET6; 2507 llt->llt_ifp = ifp; 2508 2509 llt->llt_lookup = in6_lltable_lookup; 2510 llt->llt_create = in6_lltable_create; 2511 llt->llt_delete = in6_lltable_delete; 2512 llt->llt_dump_entry = in6_lltable_dump_entry; 2513 llt->llt_hash = in6_lltable_hash; 2514 llt->llt_fill_sa_entry = in6_lltable_fill_sa_entry; 2515 llt->llt_free_entry = in6_lltable_free_entry; 2516 llt->llt_match_prefix = in6_lltable_match_prefix; 2517 lltable_link(llt); 2518 2519 return llt; 2520 } 2521 2522 void * 2523 in6_domifattach(struct ifnet *ifp) 2524 { 2525 struct in6_ifextra *ext; 2526 2527 ext = malloc(sizeof(*ext), M_IFADDR, M_WAITOK|M_ZERO); 2528 2529 ext->in6_ifstat = malloc(sizeof(struct in6_ifstat), 2530 M_IFADDR, M_WAITOK|M_ZERO); 2531 2532 ext->icmp6_ifstat = malloc(sizeof(struct icmp6_ifstat), 2533 M_IFADDR, M_WAITOK|M_ZERO); 2534 2535 ext->nd_ifinfo = nd6_ifattach(ifp); 2536 ext->scope6_id = scope6_ifattach(ifp); 2537 ext->nprefixes = 0; 2538 ext->ndefrouters = 0; 2539 2540 ext->lltable = in6_lltattach(ifp); 2541 2542 return ext; 2543 } 2544 2545 void 2546 in6_domifdetach(struct ifnet *ifp, void *aux) 2547 { 2548 struct in6_ifextra *ext = (struct in6_ifextra *)aux; 2549 2550 lltable_free(ext->lltable); 2551 ext->lltable = NULL; 2552 nd6_ifdetach(ifp, ext); 2553 free(ext->in6_ifstat, M_IFADDR); 2554 free(ext->icmp6_ifstat, M_IFADDR); 2555 scope6_ifdetach(ext->scope6_id); 2556 free(ext, M_IFADDR); 2557 } 2558 2559 /* 2560 * Convert IPv4 address stored in struct in_addr to IPv4-Mapped IPv6 address 2561 * stored in struct in6_addr as defined in RFC 4921 section 2.5.5.2. 2562 */ 2563 void 2564 in6_in_2_v4mapin6(const struct in_addr *in, struct in6_addr *in6) 2565 { 2566 in6->s6_addr32[0] = 0; 2567 in6->s6_addr32[1] = 0; 2568 in6->s6_addr32[2] = IPV6_ADDR_INT32_SMP; 2569 in6->s6_addr32[3] = in->s_addr; 2570 } 2571 2572 /* 2573 * Convert sockaddr_in6 to sockaddr_in. Original sockaddr_in6 must be 2574 * v4 mapped addr or v4 compat addr 2575 */ 2576 void 2577 in6_sin6_2_sin(struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2578 { 2579 memset(sin, 0, sizeof(*sin)); 2580 sin->sin_len = sizeof(struct sockaddr_in); 2581 sin->sin_family = AF_INET; 2582 sin->sin_port = sin6->sin6_port; 2583 sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3]; 2584 } 2585 2586 /* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */ 2587 void 2588 in6_sin_2_v4mapsin6(const struct sockaddr_in *sin, struct sockaddr_in6 *sin6) 2589 { 2590 memset(sin6, 0, sizeof(*sin6)); 2591 sin6->sin6_len = sizeof(struct sockaddr_in6); 2592 sin6->sin6_family = AF_INET6; 2593 sin6->sin6_port = sin->sin_port; 2594 in6_in_2_v4mapin6(&sin->sin_addr, &sin6->sin6_addr); 2595 } 2596 2597 /* Convert sockaddr_in6 into sockaddr_in. */ 2598 void 2599 in6_sin6_2_sin_in_sock(struct sockaddr *nam) 2600 { 2601 struct sockaddr_in *sin_p; 2602 struct sockaddr_in6 sin6; 2603 2604 /* 2605 * Save original sockaddr_in6 addr and convert it 2606 * to sockaddr_in. 2607 */ 2608 sin6 = *(struct sockaddr_in6 *)nam; 2609 sin_p = (struct sockaddr_in *)nam; 2610 in6_sin6_2_sin(sin_p, &sin6); 2611 } 2612 2613 /* Convert sockaddr_in into sockaddr_in6 in v4 mapped addr format. */ 2614 void 2615 in6_sin_2_v4mapsin6_in_sock(struct sockaddr **nam) 2616 { 2617 struct sockaddr_in *sin_p; 2618 struct sockaddr_in6 *sin6_p; 2619 2620 sin6_p = malloc(sizeof(*sin6_p), M_SONAME, M_WAITOK); 2621 sin_p = (struct sockaddr_in *)*nam; 2622 in6_sin_2_v4mapsin6(sin_p, sin6_p); 2623 free(*nam, M_SONAME); 2624 *nam = (struct sockaddr *)sin6_p; 2625 } 2626